public void OnActionExecuting(ActionExecutingContext context) { string signature = context.HttpContext.Request.Headers["signature"]; string timestamp = context.HttpContext.Request.Headers["timestamp"]; string nonce = context.HttpContext.Request.Headers["nonce"]; if (string.IsNullOrEmpty(signature) || string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(nonce)) { context.Result = new ContentResult() { Content = "Resource unavailable - header should not be set" }; } else { bool check = SignatureUtil.CheckSignature(signature, timestamp, nonce); if (!check) { context.Result = new ContentResult() { Content = "Resource unavailable - invalidated signature" }; } } }